←back to thread

QubesOS – A reasonably secure operating system

(www.qubes-os.org)
176 points TheFreim | 1 comments | 11 Jul 23 18:11 UTC | HN request time: 0.21s | source
Show context
syntaxing ◴[11 Jul 23 19:33 UTC] No.36686173[source]
Whoa is this firefox containers but at an OS level. Can you SSH to each container without using the window environment? I wanted to use something like proxmox but decided not to because my computer was only 4 cores and 4 threads. If I can use this but "dynamically" allocate the CPUs, it would be perfect for my application.
replies(1): >>36692261 #
fsflover ◴[12 Jul 23 09:43 UTC] No.36692261[source]
You can't ssh into the Qubes VMs from dom0. It would break the security model. You do not run anything in dom0 at all. But you can create an AdminVM that manages other VMs.
replies(1): >>36719706 #
1. onetuser ◴[14 Jul 23 05:08 UTC] No.36719706[source]
I doubt ssh or simple sh is a matter in this case. You can do simple sh:

qvm-run --pass-io {VM_name} -- ls

Security model is not to do anything non-admin related from dom0: if you "own" dom0 you can do everything.

Allocating amount of CPU cores is a feature of VM. Not sure about dynamic though. There is dynamic flag about memory, not CPU. In practice it looks like CPU is shared among all VMs, no need of special flag for it.